Getting IPv6 Support

Given the impending doom of IPv4, I thought I’d try and setup my site to be accessible over IPv6. Thankfully my webhost has dual-stack connectivity in their datacenter. They also assign IPv6 addresses for free, in fact they gave me 65,537 addresses.[^1]

Getting nginx setup was trivially easy, I re-compiled the software adding the --with-ipv6 flag, then added the line listen [::]:80 to my vhost files (or indeed listen [::]:443). This was in addition to the usual listen directive.

Getting IPv6 configured correctly on the system took a little more working out. In the end I think I have simplified my configuration even for IPv4. I use Debian 7 which comes with the newer iproute2 package to manage network connections. With the stored settings in /etc/network/interfaces. This is mine:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# This line makes sure the interface will be brought up during boot
auto eth0
allow-hotplug eth0

# The primary network interface
iface eth0 inet static
	address 85.17.141.27
	netmask 255.255.255.0
	gateway 85.17.141.254
	# dns-* options are implemented by the resolvconf package, if installed
	dns-nameservers 85.17.150.123 85.17.96.69 85.17.150.123 62.212.64.122
	dns-search localdomain
	# up commands
	up sysctl -w net.ipv6.conf.eth0.autoconf=0
	up sysctl -w net.ipv6.conf.eth0.accept_ra=0
	up ip addr add 85.17.141.33/24 dev eth0
	up ip -6 addr add 2001:1af8:4100:a00e:4::1/64 dev eth0
	up ip -6 ro add default via 2001:1af8:4100:a00e::1 dev eth0

This sets up the default IPv4 address and a default gateway. Then once the interfrace is brought up at boot time the ip command is invoked, which is a part of the iproute2 package, to add a second IPv4 address. Then add an IPv6 address and the default route to use when communicating over IPv6.

You’ll notice I also use the sysctl command to change some system settings. These stop the system trying to assign itself an IPv6 address and to not listen to router advertisements. I think these were causing my IPv6 connection to drop.

Now my system is setup as so:

➜ ~  ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether d4:ae:52:c5:d2:1b brd ff:ff:ff:ff:ff:ff
inet 85.17.141.27/24 brd 85.17.141.255 scope global eth0
inet 85.17.141.33/24 scope global secondary eth0
inet6 2001:1af8:4100:a00e:4::1/64 scope global
   valid_lft forever preferred_lft forever
inet6 fe80::d6ae:52ff:fec5:d21b/64 scope link
   valid_lft forever preferred_lft forever

and

➜ ~  ip -6 ro
2001:1af8:4100:a00e::/64 dev eth0  proto kernel  metric 256
fe80::/64 dev eth0  proto kernel  metric 256
default via 2001:1af8:4100:a00e::1 dev eth0  metric 1024

Even though I don’t have IPv6 at home yet, my site should be connectible over IPv6.

[^1]: I was given the IP addresses ::0000 to ::FFFF, that’s 216 addresses.

*[IP]: Internet Protocol